From nobody Sun May 19 11:06:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644343827; cv=none; d=zohomail.com; s=zohoarc; b=FkGiHu5fTFPuJ1AkXT3DuJeXbVtR8uQRPHIKVtaAec7ovapRtB8nmEy47zwyVYCUQJ1MyXzkDjYhFY6tSWabH8KlASttaIuYedTLtFKJfEu40ct5bMUeikVElMgefbHHc2IkRJNe+nO7KThpIN4cFrKnqp2Pgc3r/sZoIHpeOI0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644343827; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=cued5HGcqzfDURZqGfR6mH0GxZn4Al9/5rCokQwX/G0=; b=TinnWscJIADyn/sKvo8POhVfEMJE76ZUAzc/S+5nMmYNdU+s1ui8HdSfN6lE0DV7hRewjbv3E1sK/WU83w3JIU8m+HfKnKXWnEPDUToFW70piU3eG2bdtLRasWBXJx69AS6rJPTlnjwc+8Lv6H24umRySZin3jSxnZPxYS1L7Lc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 164434382777969.61389696994524; Tue, 8 Feb 2022 10:10:27 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.268583.462435 (Exim 4.92) (envelope-from ) id 1nHUwE-0003YB-Hs; Tue, 08 Feb 2022 18:10:02 +0000 Received: by outflank-mailman (output) from mailman id 268583.462435; Tue, 08 Feb 2022 18:10:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwE-0003Xf-Dz; Tue, 08 Feb 2022 18:10:02 +0000 Received: by outflank-mailman (input) for mailman id 268583; Tue, 08 Feb 2022 18:10:01 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwD-0003Sy-6C for xen-devel@lists.xenproject.org; Tue, 08 Feb 2022 18:10:01 +0000 Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com [216.71.145.142]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 52deec30-890a-11ec-8eb8-a37418f5ba1a; Tue, 08 Feb 2022 19:09:59 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 52deec30-890a-11ec-8eb8-a37418f5ba1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644343799; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=0oObUQpZAUPYFZpIBW0xewUnMdr0+AaT7RXg0NpNwug=; b=BnWdPMNtyl3c4JcNm/zrgdDwQ+CtQmSylqEassSeZeHDeVoNsLM/Cln5 k2I0HX320JKLM6Y1JwQZie129ruMjwEucZlx9ZTc4n3yv+ilPNjIRytyM rQUf1JCQCD4fDmqwfd3f/tjGHUpF+czosKgFWyw6QUWdXhOEoB3qL6vco Q=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: vykE8PlYTPcHxHdlWU41j30bG1djZdD9FKl08Kygc/jOWjGP5y4OSQ63ydDpAiOGuDHflUFPQ6 o3CuappdhSkLGUSNmTnGz4KgrYBQJfTdGA9Lvp/FXgSIxzQkCwLRrwNTSX9Ke6XbwzUJjuO1JT p4XBpWFGF6eLm2zct6DNHhEEzD6jDsGsX4PEVZfm0ycePsU0ntbCyw1giNrSbaNWLR4Z3ubmTo 7syMOeCw0R9Qn6VbYQv1eC8LmXr3dCcswNWq1Ja0qo556ioJxLfgdR1Nq1ZYDI4SGbG6Bcqy+E nEWdXbLHWpw+CFaj22nGBD6r X-SBRS: 5.1 X-MesageID: 64166858 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:rM9HU6NtXoVGVBnvrR2GkMFynXyQoLVcMsEvi/4bfWQNrUp21zcOy TBJWjvQbvuPNjTwed10Poy+8xgG7JGGnYA3Hgto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdpJYz/uUGuCJQUNUjMlkfZKhTr6UUsxNbVU8En1500ozw7RRbrNA2rBVPSvc4 bsenOWHULOV82Yc3rU8sv/rRLtH5ZweiRtA1rAMTakjUGz2zhH5OKk3N6CpR0YUd6EPdgKMq 0Qv+5nilo/R109F5tpICd8XeGVSKlLZFVDmZna7x8FOK/WNz8A/+v9TCRYSVatYoxSqgtNYk 8UQjLGhEgcwFKHFscowAjANRkmSPYUekFPGCX22sMjVxEzaaXr8hf5pCSnaP6VBpLwxWzsXs 6VFdnZdNXhvhMrvqF6/YsBqit4uM4/AO4QHt2s75TrYEewnUdbIRKCiCdpwgmtp2J4eQKa2i 8wxSjNpaS3bPzZ1BQk8Lqozkc2F2HP9SmgNwL6SjfVuuDWCpOBr65D9PdyQdtGUSMF9mkeDu nmA72n/GgsdNtGU1XyC6H3EuwPUtXqlAsRITuT+r6M0xg3IroAONPEIfXqYvPqQ0V7jYv9Oc EwN0CYnhIYfpWX+G7ERQCaEiHKDuxcdXf9ZHOs79ByBx8Lo3uqJOoQXZmUfMYJ77afaURRvj wbUxI2xWVSDpZXIESr1y1uCkd+l1cH5x0cmbDRMcwYK6sKLTGob3kOWFYYL/EJYY7TI9dDML 9Ki8XJWa1Y715djO0CHEbfv2WPEm3QxZlRpjjg7p0r8hu+DWKarZpaz9X/Q5utaIYCSQzGp5 SZYx5HPtblQXMvUz0Rhpdnh+5nztp643MD02wYzT/HNCRzxk5JcQWygyG4nfxo4Wir1UTTof FXSqWtsCGx7ZxOXgVtMS9vpUawClPG4ffy8D6y8RoceM/BZKV7clAkzNBH49z62yiAEz/pgU ap3hO7xVB72/4w8l2HoLwrcuJd2rh0DKZT7H8iklk/6iurHPxZ4i94taTOzUwzw14vcyC29z jqVH5LiJ8x3XLKsby/J35QUKFxWf3E3CYqv855cd/KZIxogE2YkUqeDzbQkco1jvqJUiuaXo S3tBh4GkALy1S/dNAGHSnF/c7ezD5xxmm02YH43NlGy1nl9PYv2tPUDd4E6dKUM/fB4yaImV OEMfsiNW6wdSjnO9zkHQ4P6qYhuKEaiiQ6UZnL3azkjZZ9wAQfO/4a8LAfo8SAPCAuxtNc// OL8hl+KH8JbSl07XsjMaf+pw1eghlQnmbp/DxnSP91eWETw64w2eSb/ueA6fpMXIhLZyzrEi wvPWUUEpfPAqpMe+cXSgfzWtJ+gFuZzExYIH2Tf6rrqZyDW8nD6nN1FWeeMOzvcSHn16OOpY uAMl6PwN/gOnVBrtYtgEuk0kfJitoW3/7IKnB55GHjrbkiwDuIyK3aL6sBDq6lRy+ILogCxQ E+OpoFXNLjh1BkJy7LNyN7Jtti+6Mw= IronPort-HdrOrdr: A9a23:aABuLK9REeYKrKiB8QJuk+DaI+orL9Y04lQ7vn2YSXRuHPBw9v re5cjzuiWVtN98Yh0dcJW7Scy9qBDnhPhICOsqTNSftWDd0QPCRuxfBMnZslnd8kXFh4lgPM xbEpSWZueeMbEDt7eZ3DWF X-IronPort-AV: E=Sophos;i="5.88,353,1635220800"; d="scan'208";a="64166858" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper Subject: [PATCH 1/6] x86/spec-ctrl: Clean up MSR_MCU_OPT_CTRL handling Date: Tue, 8 Feb 2022 18:09:37 +0000 Message-ID: <20220208180942.14871-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220208180942.14871-1-andrew.cooper3@citrix.com> References: <20220208180942.14871-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644343829097100011 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Introduce cpu_has_srbds_ctrl as more users are going to appear shortly. MSR_MCU_OPT_CTRL is gaining extra functionality, meaning that the current default_xen_mcu_opt_ctrl is no longer a good fit. Introduce two new helpers, update_mcu_opt_ctrl() which does a full RMW cycle on the MSR, and set_in_mcu_opt_ctrl() which lets callers configure specific bits at a time without clobbering each others settings. No functional change. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- xen/arch/x86/acpi/power.c | 3 +-- xen/arch/x86/cpu/intel.c | 32 +++++++++++++++++++++++++++++ xen/arch/x86/include/asm/cpufeature.h | 1 + xen/arch/x86/include/asm/processor.h | 3 +++ xen/arch/x86/include/asm/spec_ctrl.h | 2 -- xen/arch/x86/smpboot.c | 3 +-- xen/arch/x86/spec_ctrl.c | 38 ++++++++++++-------------------= ---- 7 files changed, 51 insertions(+), 31 deletions(-) diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c index d4bdc3e7df42..5eaa77f66a28 100644 --- a/xen/arch/x86/acpi/power.c +++ b/xen/arch/x86/acpi/power.c @@ -301,8 +301,7 @@ static int enter_state(u32 state) ci->last_spec_ctrl =3D default_xen_spec_ctrl; } =20 - if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ) - wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl); + update_mcu_opt_ctrl(); =20 /* (re)initialise SYSCALL/SYSENTER state, amongst other things. */ percpu_traps_init(); diff --git a/xen/arch/x86/cpu/intel.c b/xen/arch/x86/cpu/intel.c index 9b011c344636..e7d4dd652f9f 100644 --- a/xen/arch/x86/cpu/intel.c +++ b/xen/arch/x86/cpu/intel.c @@ -15,6 +15,38 @@ #include "cpu.h" =20 /* + * MSR_MCU_OPT_CTRL is a collection of unrelated functionality, with separ= ate + * enablement requirements, but which want to be consistent across the sys= tem. + */ +static uint32_t __read_mostly mcu_opt_ctrl_mask; +static uint32_t __read_mostly mcu_opt_ctrl_val; + +void update_mcu_opt_ctrl(void) +{ + uint32_t mask =3D mcu_opt_ctrl_mask, lo, hi; + + if ( !mask ) + return; + + rdmsr(MSR_MCU_OPT_CTRL, lo, hi); + + lo &=3D ~mask; + lo |=3D mcu_opt_ctrl_val; + + wrmsr(MSR_MCU_OPT_CTRL, lo, hi); +} + +void __init set_in_mcu_opt_ctrl(uint32_t mask, uint32_t val) +{ + mcu_opt_ctrl_mask |=3D mask; + + mcu_opt_ctrl_val &=3D ~mask; + mcu_opt_ctrl_val |=3D (val & mask); + + update_mcu_opt_ctrl(); +} + +/* * Processors which have self-snooping capability can handle conflicting * memory type across CPUs by snooping its own cache. However, there exists * CPU models in which having conflicting memory types still leads to diff --git a/xen/arch/x86/include/asm/cpufeature.h b/xen/arch/x86/include/a= sm/cpufeature.h index 4754940e23f3..a0ab6d7d78ea 100644 --- a/xen/arch/x86/include/asm/cpufeature.h +++ b/xen/arch/x86/include/asm/cpufeature.h @@ -134,6 +134,7 @@ #define cpu_has_avx512_4vnniw boot_cpu_has(X86_FEATURE_AVX512_4VNNIW) #define cpu_has_avx512_4fmaps boot_cpu_has(X86_FEATURE_AVX512_4FMAPS) #define cpu_has_avx512_vp2intersect boot_cpu_has(X86_FEATURE_AVX512_VP2INT= ERSECT) +#define cpu_has_srbds_ctrl boot_cpu_has(X86_FEATURE_SRBDS_CTRL) #define cpu_has_rtm_always_abort boot_cpu_has(X86_FEATURE_RTM_ALWAYS_ABORT) #define cpu_has_tsx_force_abort boot_cpu_has(X86_FEATURE_TSX_FORCE_ABORT) #define cpu_has_serialize boot_cpu_has(X86_FEATURE_SERIALIZE) diff --git a/xen/arch/x86/include/asm/processor.h b/xen/arch/x86/include/as= m/processor.h index e2e1eaf5bd0d..23639d5479a3 100644 --- a/xen/arch/x86/include/asm/processor.h +++ b/xen/arch/x86/include/asm/processor.h @@ -626,6 +626,9 @@ extern int8_t opt_tsx, cpu_has_tsx_ctrl; extern bool rtm_disabled; void tsx_init(void); =20 +void update_mcu_opt_ctrl(void); +void set_in_mcu_opt_ctrl(uint32_t mask, uint32_t val); + enum ap_boot_method { AP_BOOT_NORMAL, AP_BOOT_SKINIT, diff --git a/xen/arch/x86/include/asm/spec_ctrl.h b/xen/arch/x86/include/as= m/spec_ctrl.h index a803d16f9065..f76029523610 100644 --- a/xen/arch/x86/include/asm/spec_ctrl.h +++ b/xen/arch/x86/include/asm/spec_ctrl.h @@ -54,8 +54,6 @@ extern int8_t opt_pv_l1tf_hwdom, opt_pv_l1tf_domu; */ extern paddr_t l1tf_addr_mask, l1tf_safe_maddr; =20 -extern uint64_t default_xen_mcu_opt_ctrl; - static inline void init_shadow_spec_ctrl_state(void) { struct cpu_info *info =3D get_cpu_info(); diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c index 22ae4c1b2de9..335129a0104d 100644 --- a/xen/arch/x86/smpboot.c +++ b/xen/arch/x86/smpboot.c @@ -385,8 +385,7 @@ void start_secondary(void *unused) wrmsrl(MSR_SPEC_CTRL, default_xen_spec_ctrl); info->last_spec_ctrl =3D default_xen_spec_ctrl; } - if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ) - wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl); + update_mcu_opt_ctrl(); =20 tsx_init(); /* Needs microcode. May change HLE/RTM feature bits. */ =20 diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index ee862089b7f6..3628b4b4154f 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -67,7 +67,6 @@ static bool __initdata cpu_has_bug_msbds_only; /* =3D> mi= nimal HT impact. */ static bool __initdata cpu_has_bug_mds; /* Any other M{LP,SB,FB}DS combina= tion. */ =20 static int8_t __initdata opt_srb_lock =3D -1; -uint64_t __read_mostly default_xen_mcu_opt_ctrl; =20 static int __init parse_spec_ctrl(const char *s) { @@ -376,7 +375,7 @@ static void __init print_details(enum ind_thunk thunk, = uint64_t caps) (default_xen_spec_ctrl & SPEC_CTRL_SSBD) ? " SSBD+" : " SSBD-", !(caps & ARCH_CAPS_TSX_CTRL) ? "" : (opt_tsx & 1) ? " TSX+" : " TSX-", - !boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ? "" : + !cpu_has_srbds_ctrl ? "" : opt_srb_lock ? " SRB_LOCK+" : " SR= B_LOCK-", opt_ibpb ? " IBPB" : "", opt_l1d_flush ? " L1D_FLUSH" : "", @@ -1251,32 +1250,24 @@ void __init init_speculation_mitigations(void) tsx_init(); } =20 - /* Calculate suitable defaults for MSR_MCU_OPT_CTRL */ - if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ) + /* + * On some SRBDS-affected hardware, it may be safe to relax srb-lock by + * default. + * + * On parts which enumerate MDS_NO and not TAA_NO, TSX is the only kno= wn + * way to access the Fill Buffer. If TSX isn't available (inc. SKU + * reasons on some models), or TSX is explicitly disabled, then there = is + * no need for the extra overhead to protect RDRAND/RDSEED. + */ + if ( cpu_has_srbds_ctrl ) { - uint64_t val; - - rdmsrl(MSR_MCU_OPT_CTRL, val); - - /* - * On some SRBDS-affected hardware, it may be safe to relax srb-lo= ck - * by default. - * - * On parts which enumerate MDS_NO and not TAA_NO, TSX is the only= way - * to access the Fill Buffer. If TSX isn't available (inc. SKU - * reasons on some models), or TSX is explicitly disabled, then th= ere - * is no need for the extra overhead to protect RDRAND/RDSEED. - */ if ( opt_srb_lock =3D=3D -1 && (caps & (ARCH_CAPS_MDS_NO|ARCH_CAPS_TAA_NO)) =3D=3D ARCH_CAPS= _MDS_NO && (!cpu_has_hle || ((caps & ARCH_CAPS_TSX_CTRL) && rtm_disabled= )) ) opt_srb_lock =3D 0; =20 - val &=3D ~MCU_OPT_CTRL_RNGDS_MITG_DIS; - if ( !opt_srb_lock ) - val |=3D MCU_OPT_CTRL_RNGDS_MITG_DIS; - - default_xen_mcu_opt_ctrl =3D val; + set_in_mcu_opt_ctrl(MCU_OPT_CTRL_RNGDS_MITG_DIS, + opt_srb_lock ? 0 : MCU_OPT_CTRL_RNGDS_MITG_DIS= ); } =20 print_details(thunk, caps); @@ -1314,9 +1305,6 @@ void __init init_speculation_mitigations(void) wrmsrl(MSR_SPEC_CTRL, val); info->last_spec_ctrl =3D val; } - - if ( boot_cpu_has(X86_FEATURE_SRBDS_CTRL) ) - wrmsrl(MSR_MCU_OPT_CTRL, default_xen_mcu_opt_ctrl); } =20 static void __init __maybe_unused build_assertions(void) --=20 2.11.0 From nobody Sun May 19 11:06:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644343826; cv=none; d=zohomail.com; s=zohoarc; b=JoDBTBMbCD6bVdgJWiTA7WECbBX/AkJdmqdpEb0sPZ7/VfHWy8y1fZpUfxbmPCAUHoxHAm6/4XVJ66eXZe9bPSs4IKnzN66WJxeRjNufNnRyozOJmEHhqe1dK+EQZJ5d0175YWCgiljL6/BzP0qMjoUgCAjhF9XjyIhwtgg7sZg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644343826; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=8swy3fm+tfVO+FKgdJubEjuL0KgmLWNA64L+47EnkHg=; b=MU72zXb6TgVzsBRK42jLjeEF4DpXA/Zy0vcvt+dwEAK/cmMOTYCkpk2Lymrrnm1TIqiApcvDXD35ko4st1SXtIBCqy7LViLZetrX1xvQrJ8Npl/tr+S9pkMKi9sJURRV0YdPkqYDLdeFk5KIP6Jkqlr5HgkyTP2ybOx1UV/iuqU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1644343826287424.03540051678533; Tue, 8 Feb 2022 10:10:26 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.268585.462461 (Exim 4.92) (envelope-from ) id 1nHUwG-0004IY-E7; Tue, 08 Feb 2022 18:10:04 +0000 Received: by outflank-mailman (output) from mailman id 268585.462461; Tue, 08 Feb 2022 18:10:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwG-0004H0-9L; Tue, 08 Feb 2022 18:10:04 +0000 Received: by outflank-mailman (input) for mailman id 268585; Tue, 08 Feb 2022 18:10:02 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwE-0003Sy-8I for xen-devel@lists.xenproject.org; Tue, 08 Feb 2022 18:10:02 +0000 Received: from esa3.hc3370-68.iphmx.com (esa3.hc3370-68.iphmx.com [216.71.145.155]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 536fc97b-890a-11ec-8eb8-a37418f5ba1a; Tue, 08 Feb 2022 19:10:00 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 536fc97b-890a-11ec-8eb8-a37418f5ba1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644343800; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=DN+j1b19UntwqTcT4SnsDIhwfs0fbGijJq0oTfhrAtY=; b=bqITvqfJtZPORMHkKN4c7jTZEJ4olXNAtMZR1SguSfiTSx4vIH7rJWhL 6UdVY+e/5au+Nod4P17HxE17bqfYeGDGYytTif50aXIJmhRFAge7FfEox DX304aQxRQhs6icnknSoCb704CYl6V+pYVbGM/LjlZkRumBVEaYtcSMJV A=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: xPKKKpj7P7kS3oyR+8rIrgQ1Sc20KcOIGGUP5uirGnRu78F1sR2pzl+MjFtrgil/R+dECnK4rW G5kCu4BuCIrPTfCAesYGMEB+nFc/8ZDyrZWROPHHf+aygX5e374xqpc0GqhNyyuctlJoqI8mKY O9lkQsEDihH+78M7CNrfm3mgkHgBgQkYOkU0c+/X+cQZr50zmJZz71nYEIp91K9WQA/6ZPkqw8 Tn1M72/D5iKpOkHeFKqYAKBsiEnhDrD+4/XZXpMMZ7svobc1lhEy5F2n3bitKSas29RIu37Bbq cjqr7inWzzDqRphcFpa2GFb6 X-SBRS: 5.1 X-MesageID: 63762631 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:pxkam6CRNaqJCRVW/wPkw5YqxClBgxIJ4kV8jS/XYbTApDon1jwAy mEdUWqHPqqDNDCgfox1a4Tno01SvJLUz98wQQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMo/u1Si6FatANl1ElvU2zbue6WL6s1hxZH1c+En970UI7wYbVv6Yz6TSHK1LV0 T/Ni5W31G+Ng1aY5UpNtspvADs21BjDkGtwUm4WPJinj3eH/5UhN7oNJLnZEpfNatI88thW5 Qr05OrREmvxp3/BAz4++1rxWhVirrX6ZWBihpfKMkQLb9crSiEai84G2PQghUh/oSSEu81D6 u93r5G1ezgDAqrFt/o5XEwNe81+FfUuFL7vJHG+tYqYzlHccmuqyPJrZK00FdRGoKAtWzgIr KFGbmBWBvyAr7veLLaTY+9gnMk8auLsO5sSoCpIxjDFF/c2B5vERs0m4PcGh2hu3J4VRJ4yY eIkNQQsTQ2RQCRFBXcyA6ADnbqVtHPWJmgwRFW9+vNsvjm7IBZK+KjgNp/Zd8KHQe1Rn12Ev STW8mLhGBYYOdeDjz2f/RqRavTnxH2hHthITfvhq6As0Ab7KnEv5AM+f0q2heSLqHSEQd9aG XM+xi0ngrYW+xn+JjXiZCGQrHmBtx8aftNfFewm9Q2AopbpDxal6nssFWAYNoF/3CMibXlzj wLSwYu1bdB6mODNERqgGqGoQSRe0MT/BUsLfmc6QAQM+LEPS6lj30uUHr6P/ENY5+AZ+A0cI RjX9kDSZJ1J1KbnMplXGnid0lqRSmDhFFJd2+ktYkqr7xlieKmubJGy5F7Q4J5oddjFEgDQ5 SFaypLHt4ji6K1hcwTXEY0w8EyBva7ZYFUwf3Yzd3Xey9hd0yH6Jt0BiN2PDExoLtwFaVfUj Lz74mtsCGtoFCLyN8dfOtvpY+xzlPSIPYm1B5j8M4sVCrAsJVDv1H81Pya4gTuy+HXAZIliY P+za9i3N38GBMxPlXzuLwvr+eRwnX5WKKK6bc2T8ilLJpLEPCHMEupeYALVBg37hYvdyDjoH x9kH5Pi431ivCfWP0E7KKYfcgIHK2YVH5fzp5AFf+KPOFM+SmogF+XQ0fUqfIk8x/ZZkeLB/ 3ecXE5EyQWg2S2beFvSMn0zOqnyWZtfrG4gOXB+N1ifxHV+M52k670SdsVrcOB/pvBj1/N9U 9IMZ96EXqZUUj3C9jlENcv9oYVueQ6FnwWLOyb5MjEzc4Q5H17C+8P+fxup/y4LV3Llucw7q rym9wXaXZtcGFgyUJeIMKqilgrjs2IcleR+W1rzDuNSIEi8opJ3LyHRj+MsJ51eIxv02TbHh R2dBg0VpLeRrtZtosXJn62Ns6ygD/B6QhhBB2De4Lu7aXva826kzdMSWeqEZ2mABmb9+aHkb uRJ1fDsdvYAmQ8S4YZ7Fr9qy4M45sfu+OAGnlg1Qi2TYgT5EK5kL1mHwdJL5/9EybJusAerX l6Cp4tBMrKTNcK5SFMcKWLJtAhYOS34TtUK0ckIHQ== IronPort-HdrOrdr: A9a23:Cta2y6/Nu9P6t7CZKUpuk+DaI+orL9Y04lQ7vn2YSXRuHPBw9v re5cjzuiWVtN98Yh0dcJW7Scy9qBDnhPhICOsqTNSftWDd0QPCRuxfBMnZslnd8kXFh4lgPM xbEpSWZueeMbEDt7eZ3DWF X-IronPort-AV: E=Sophos;i="5.88,353,1635220800"; d="scan'208";a="63762631" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper Subject: [PATCH 2/6] x86/tsx: Move has_rtm_always_abort to an outer scope Date: Tue, 8 Feb 2022 18:09:38 +0000 Message-ID: <20220208180942.14871-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220208180942.14871-1-andrew.cooper3@citrix.com> References: <20220208180942.14871-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644343827180100001 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We are about to introduce a second path which needs to conditionally force = the presence of RTM_ALWAYS_ABORT. No functional change. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- xen/arch/x86/tsx.c | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/xen/arch/x86/tsx.c b/xen/arch/x86/tsx.c index 88adf08c4973..c3b8a7ec0076 100644 --- a/xen/arch/x86/tsx.c +++ b/xen/arch/x86/tsx.c @@ -42,6 +42,7 @@ void tsx_init(void) if ( unlikely(cpu_has_tsx_ctrl < 0) ) { uint64_t caps =3D 0; + bool has_rtm_always_abort; =20 if ( boot_cpu_data.cpuid_level >=3D 7 ) boot_cpu_data.x86_capability[cpufeat_word(X86_FEATURE_ARCH_CAP= S)] @@ -51,6 +52,7 @@ void tsx_init(void) rdmsrl(MSR_ARCH_CAPABILITIES, caps); =20 cpu_has_tsx_ctrl =3D !!(caps & ARCH_CAPS_TSX_CTRL); + has_rtm_always_abort =3D cpu_has_rtm_always_abort; =20 if ( cpu_has_tsx_force_abort ) { @@ -67,11 +69,7 @@ void tsx_init(void) * RTM_ALWAYS_ABORT enumerates the new functionality, but is a= lso * read as zero if TSX_FORCE_ABORT.ENABLE_RTM has been set bef= ore * we run. - * - * Undo this behaviour in Xen's view of the world. */ - bool has_rtm_always_abort =3D cpu_has_rtm_always_abort; - if ( !has_rtm_always_abort ) { uint64_t val; @@ -83,15 +81,6 @@ void tsx_init(void) } =20 /* - * Always force RTM_ALWAYS_ABORT, even if it currently visible. - * If the user explicitly opts to enable TSX, we'll set - * TSX_FORCE_ABORT.ENABLE_RTM and cause RTM_ALWAYS_ABORT to be - * hidden from the general CPUID scan later. - */ - if ( has_rtm_always_abort ) - setup_force_cpu_cap(X86_FEATURE_RTM_ALWAYS_ABORT); - - /* * If no explicit tsx=3D option is provided, pick a default. * * This deliberately overrides the implicit opt_tsx=3D-3 from @@ -108,10 +97,19 @@ void tsx_init(void) * With RTM_ALWAYS_ABORT, disable TSX. */ if ( opt_tsx < 0 ) - opt_tsx =3D !cpu_has_rtm_always_abort; + opt_tsx =3D !has_rtm_always_abort; } =20 /* + * Always force RTM_ALWAYS_ABORT, even if it currently visible. If + * the user explicitly opts to enable TSX, we'll set the appropria= te + * RTM_ENABLE bit and cause RTM_ALWAYS_ABORT to be hidden from the + * general CPUID scan later. + */ + if ( has_rtm_always_abort ) + setup_force_cpu_cap(X86_FEATURE_RTM_ALWAYS_ABORT); + + /* * The TSX features (HLE/RTM) are handled specially. They both * enumerate features but, on certain parts, have mechanisms to be * hidden without disrupting running software. --=20 2.11.0 From nobody Sun May 19 11:06:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644343833; cv=none; d=zohomail.com; s=zohoarc; b=MB8M/zZrfN/idgSl1Q92mBkyjEcYYFTfaDwOR7neF0weL4mWCAJnuZoQP7ezCWDXAbgINkoUuGTKlR5vZamYhXIvYljydDiaK6OURe8qlOCcxIdUvoSqaEnQIMZUA15ppcqvveg7wddD8fKZ/rghtmIp9nl36bslU6P9nHQAzN0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644343833; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=T8UjgFvk5zYfzkrmxb7ZA2XGaO9oceo/gsAItKxZGNI=; b=apjbsnV4X1JZ6PnUuniIoa6gChtWsA8kTFd7nw3c4ge4irich6J/DybGhoMfCLl8gMQov23zg8mmv7mK4/0wPT2gpilGyGbgbuMaSRGM8UWmQkgYngr+9/yPXibVGkfF8OeC33+aBR/uRri9EeKlx2m/QBaWUBRKSvOM9k/V6bI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1644343833446767.9817978213387; Tue, 8 Feb 2022 10:10:33 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.268584.462441 (Exim 4.92) (envelope-from ) id 1nHUwE-0003fe-Uj; Tue, 08 Feb 2022 18:10:02 +0000 Received: by outflank-mailman (output) from mailman id 268584.462441; Tue, 08 Feb 2022 18:10:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwE-0003cw-NG; Tue, 08 Feb 2022 18:10:02 +0000 Received: by outflank-mailman (input) for mailman id 268584; Tue, 08 Feb 2022 18:10:01 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwD-0003Sy-Nw for xen-devel@lists.xenproject.org; Tue, 08 Feb 2022 18:10:01 +0000 Received: from esa2.hc3370-68.iphmx.com (esa2.hc3370-68.iphmx.com [216.71.145.153]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 53cc5cab-890a-11ec-8eb8-a37418f5ba1a; Tue, 08 Feb 2022 19:09:59 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 53cc5cab-890a-11ec-8eb8-a37418f5ba1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644343799; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=r/2OFdLFluiUKzfzM+tz9rmzcXaHYU7oLqLx2nL9rWg=; b=R8p7jKxvXIXPwaBMIBxL727gZavS34k8oTK4+Keq2MUCWLRbuen/fP7F Nw0pN/1pZMPF1hgDyfviJGYGbUZnoKlvn/uEavu/G0KOhxLP6rKpMrM6C x2taxj6E9MeKQovUJQQWFOc2NK9XBNkf2PBt4SPmP3eJ4RPJejhf28DCC Y=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: dBJplvIeLSk9fTmGkAKUqYmm5dAHSWNBn6Kv+xz3DfUg5DNEpr/DdDX/3qVL8RBYJ1xezUkcW7 gQe8ZEJv3ZQRqlvAN1i/tL19nMIWD4bnN/yLIvEUehwt4aSKdrSMY+he7sK+4W2+xz7vIthqBk fAcWZQDbfBaaex90OQ3qBzmkQgdhI9a1b+6wxtIMdBcETky/yhWoj3DFEaG5ybH1WTfbyGeHbs DmqAUFMl0SqgzUmSS76nT2XxzVH3nv2CFtxpqNkESLx46ZrzqWtMk0fQ8knc7Wy1KJbAWfMIC3 JNwiKLNoXBct83X4iS6n63ZA X-SBRS: 5.1 X-MesageID: 63762677 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:lXjFbKqpOGFwu020/RowMy017dheBmI7YhIvgKrLsJaIsI4StFCzt garIBmGP/aLYmT8fdl0YYu/8h4B6MeDx99rQAM6+Hw3ESNDp5uZCYyVIHmrMnLJJKUvbq7GA +byyDXkBJppJpMJjk71atANlZT4vE2xbuKU5NTsY0idfic5Dndx4f5fs7Rh2NQw24DpW1nlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCncWZcQVyFZ3Nou86SxV7VHx0ZqB09bCSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFKoZtmtt0nfyCvE+TIqYa67L+cVZzHE7gcUm8fP2O ZFGN2AxM0uojxtnCgpUBJAyudeS2VLcbxxzi3/KiJgs2j2GpOB2+Oe0a4eEEjCQfu1Fk0Ddq m/Y8mDRBhABKMfZ2TeD6mirhOLEgWX8Qo16KVGj3qc02hvJnDVVUUBIEwvgyRWktqKgc4t2E 05P0Rovl6MV7ECICYT3BBCKrXHR63bwROFsO+E97QiMzI/d7ACYGnUIQ1Z9VTA2iCMlbWd0j wHUxrsFERQq6eTIEizFqt94uBvvYXB9EIMUWcMToeLpCfHHqZp7sB/AR80L/EWd3oysQmGYL 9xnQUEDa1QvYSwjiv/TEbPv2WvESn31oukdvFS/Y45dxlklDLNJnqTxgbQh0d5OLZyCUn6Kt 2Uels6V4YgmVM/RyHXcGbxTTevwvJ5p1QEwZnY1TvEcG8mFoSb/Lei8HhkiTKuWDir0UWCwO xKC0e+gzJRSIGGrfcdKj3GZUKwXIVzbPY29DJj8N4MWCrAoLVPv1Hw+NCa4gjG2+GBxwP5XE cnAK66EUy1FYZmLORLrHo/xJ5dwnXtgrY4SLLimpymaPU22PibKEOxYawvXNYjULsqs+W3oz jqWDOPSoz03bQE0SnO/HVc7IQ9YIH4lK4rxrsALJOePLhA/QDMqCuPLwKNncItgxvwHmuDN9 3C7e0lZ1Fug2iGXdVTUMihuOOH1QJJyjXMnJihwb1ym7GcuPNS056AFepppIbR+rL5/zeR5R uUuctmbBqgdUSzO/jkQNMGvrIFreBmxqxiJOi6pPGo2c5J6HlSb8d74ZAr/siIJC3Pv58c5p rSh0CLdQIYCGFs+XJqHNqr3wgro73YHme90U0/ZGfVpeR3hoNpwNij8rv4rOMVQex/N8SSXi lSNChACqOiT/4JsqIvVhbqJppuCGvdlGhYIBHHS6Lu7OHWI/menxoMcAu+EcSqECTHx8aSmI +5U0+v9ILsMm1MT69hwFLNizKQf4drzpuAFklQ4TSuTN1n7WKl9JnSm3NVUsvwfz7BUjgK6R 0aT94QIIr6OIs7kTAYcKQdNgj5vDh3Idu0+NcgIHXg= IronPort-HdrOrdr: A9a23:a6ptG6nRYVai5PPNENCW9qc6MvXpDfIu3DAbv31ZSRFFG/Fxl6 iV8sjztCWE8Qr5N0tBpTntAsW9qDbnhPtICOoqTNGftWvdyQiVxehZhOOIqVDd8m/Fh4pgPM 9bAs9D4bbLbGSS4/yU3ODBKadD/OW6 X-IronPort-AV: E=Sophos;i="5.88,353,1635220800"; d="scan'208";a="63762677" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper Subject: [PATCH 3/6] x86/tsx: Cope with TSX deprecation on WHL-R/CFL-R Date: Tue, 8 Feb 2022 18:09:39 +0000 Message-ID: <20220208180942.14871-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220208180942.14871-1-andrew.cooper3@citrix.com> References: <20220208180942.14871-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644343834036100003 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The February 2022 microcode is formally de-featuring TSX on the TAA-impacted client CPUs. The backup TAA mitigation (VERW regaining its flushing side effect) is being dropped, meaning that `smt=3D0 spec-ctrl=3Dmd-clear` no lo= nger protects against TAA on these parts. The new functionality enumerates itself via the RTM_ALWAYS_ABORT CPUID bit (the same as June 2021), but has its control in MSR_MCU_OPT_CTRL as opposed to MSR_TSX_FORCE_ABORT. TSX now defaults to being disabled on ucode load. Furthermore, if SGX is enabled in the BIOS, TSX is locked and cannot be re-enabled. In this case, override opt_tsx to 0, so the RTM/HLE CPUID bits get hidden by default. While updating the command line documentation, take the opportunity to add a paragraph explaining what TSX being disabled actually means, and how migrat= ion compatibility works. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- docs/misc/xen-command-line.pandoc | 25 +++++++++--- xen/arch/x86/include/asm/msr-index.h | 2 + xen/arch/x86/spec_ctrl.c | 7 +++- xen/arch/x86/tsx.c | 76 ++++++++++++++++++++++++++++++++= ++++ 4 files changed, 103 insertions(+), 7 deletions(-) diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line= .pandoc index 6b3da6ddc16c..8e75e592e70a 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -2387,7 +2387,9 @@ Several microcode updates are relevant: Introduced MSR_TSX_CTRL on all TSX-enabled MDS_NO parts to date, CLX/WHL-R/CFL-R, with the controls becoming architectural moving forward and formally retiring HLE from the architecture. The user can disable = TSX - to mitigate TAA, and elect to hide the HLE/RTM CPUID bits. + to mitigate TAA, and elect to hide the HLE/RTM CPUID bits. Also causes + VERW to once-again flush the microarchiectural buffers in case a TAA + mitigation is wanted along with TSX being enabled. =20 * June 2021, removing the workaround for March 2019 on client CPUs and formally de-featured TSX on SKL/KBL/WHL/CFL (Note: SKX still retains the @@ -2395,19 +2397,32 @@ Several microcode updates are relevant: PCR3 works fine, and TSX is disabled by default, but the user can re-en= able TSX at their own risk, accepting that the memory order erratum is unfix= ed. =20 + * February 2022, removing the VERW flushing workaround from November 2019= on + client CPUs and formally de-featuring TSX on WHL-R/CFL-R (Note: CLX sti= ll + retains the VERW flushing workaround). TSX defaults to disabled, and is + locked off when SGX is enabled in the BIOS. When SGX is not enabled, T= SX + can be re-enabled at the users own risk, as it reintroduces the TSX Asy= nc + Abort speculative vulnerability. + On systems with the ability to configure TSX, this boolean offers system w= ide control of whether TSX is enabled or disabled. =20 +When TSX is disabled, transactions unconditionally abort. This is compati= ble +with the TSX spec, which requires software to have a non-transactional pat= h as +a fallback. The RTM and HLE CPUID bits are hidden from VMs by default, but +can be re-enabled if required. This allows VMs which previously saw RTM/H= LE +to be migrated in, although any TSX-enabled software will run with reduced +performance. + + * When TSX is locked off by firmware, `tsx=3D` is ignored and treated as + `false`. + * An explicit `tsx=3D` choice is honoured, even if it is `true` and would result in a vulnerable system. =20 * When no explicit `tsx=3D` choice is given, parts vulnerable to TAA will= be mitigated by disabling TSX, as this is the lowest overhead option. =20 - If the use of TSX is important, the more expensive TAA mitigations can = be - opted in to with `smt=3D0 spec-ctrl=3Dmd-clear`, at which point TSX wil= l remain - active by default. - * When no explicit `tsx=3D` option is given, parts susceptible to the mem= ory ordering errata default to `true` to enable working TSX. Alternatively, selecting `tsx=3D0` will disable TSX and restore PCR3 to a working stat= e. diff --git a/xen/arch/x86/include/asm/msr-index.h b/xen/arch/x86/include/as= m/msr-index.h index ab68ef2681a9..9df1959fe5a1 100644 --- a/xen/arch/x86/include/asm/msr-index.h +++ b/xen/arch/x86/include/asm/msr-index.h @@ -78,6 +78,8 @@ =20 #define MSR_MCU_OPT_CTRL 0x00000123 #define MCU_OPT_CTRL_RNGDS_MITG_DIS (_AC(1, ULL) << 0) +#define MCU_OPT_CTRL_RTM_ALLOW (_AC(1, ULL) << 1) +#define MCU_OPT_CTRL_RTM_LOCKED (_AC(1, ULL) << 2) =20 #define MSR_RTIT_OUTPUT_BASE 0x00000560 #define MSR_RTIT_OUTPUT_MASK 0x00000561 diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index 3628b4b4154f..2b93468d396e 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -1233,11 +1233,14 @@ void __init init_speculation_mitigations(void) * the MDS mitigation of disabling HT and using VERW flushing. * * On CPUs which advertise MDS_NO, VERW has no flushing side effect un= til - * the TSX_CTRL microcode is loaded, despite the MD_CLEAR CPUID bit be= ing + * the TSX_CTRL microcode (Nov 2019), despite the MD_CLEAR CPUID bit b= eing * advertised, and there isn't a MD_CLEAR_2 flag to use... * + * Furthermore, the VERW flushing side effect is removed again on clie= nt + * parts with the Feb 2022 microcode. + * * If we're on affected hardware, able to do something about it (which - * implies that VERW now works), no explicit TSX choice and traditional + * implies that VERW might work), no explicit TSX choice and tradition= al * MDS mitigations (no-SMT, VERW) not obviosuly in use (someone might * plausibly value TSX higher than Hyperthreading...), disable TSX to * mitigate TAA. diff --git a/xen/arch/x86/tsx.c b/xen/arch/x86/tsx.c index c3b8a7ec0076..be89741a2f6d 100644 --- a/xen/arch/x86/tsx.c +++ b/xen/arch/x86/tsx.c @@ -14,6 +14,9 @@ * This is arranged such that the bottom bit encodes whether TSX is actual= ly * disabled, while identifying various explicit (>=3D0) and implicit (<0) * conditions. + * + * This option only has any effect on systems presenting a mechanism of + * controlling TSX behaviour, and where TSX isn't force-disabled by firmwa= re. */ int8_t __read_mostly opt_tsx =3D -1; int8_t __read_mostly cpu_has_tsx_ctrl =3D -1; @@ -54,6 +57,66 @@ void tsx_init(void) cpu_has_tsx_ctrl =3D !!(caps & ARCH_CAPS_TSX_CTRL); has_rtm_always_abort =3D cpu_has_rtm_always_abort; =20 + if ( cpu_has_tsx_ctrl && cpu_has_srbds_ctrl ) + { + /* + * On a TAA-vulnerable or later part with at least the May 2020 + * microcode mitigating SRBDS. + */ + uint64_t val; + + rdmsrl(MSR_MCU_OPT_CTRL, val); + + /* + * Probe for the February 2022 microcode which de-features TSX= on + * TAA-vulnerable client parts - WHL-R/CFL-R. + * + * RTM_ALWAYS_ABORT (read above) enumerates the new functional= ity, + * but is read as zero if MCU_OPT_CTRL.RTM_ALLOW has been set + * before we run. Undo this. + */ + if ( val & MCU_OPT_CTRL_RTM_ALLOW ) + has_rtm_always_abort =3D true; + + if ( has_rtm_always_abort ) + { + if ( val & MCU_OPT_CTRL_RTM_LOCKED ) + { + /* + * If RTM_LOCKED is set, TSX is disabled because SGX is + * enabled, and there is nothing we can do. Override = with + * tsx=3D0 so all other logic takes sensible actions. + */ + printk(XENLOG_WARNING "TSX locked by firmware - disabl= ing\n"); + opt_tsx =3D 0; + } + else + { + /* + * Otherwise, set RTM_ALLOW. Not because we necessari= ly + * intend to enable RTM, but it prevents + * MSR_TSX_CTRL.RTM_DISABLE from being ignored, thus + * allowing the rest of the TSX selection logic to wor= k as + * before. + */ + val |=3D MCU_OPT_CTRL_RTM_ALLOW; + } + + set_in_mcu_opt_ctrl( + MCU_OPT_CTRL_RTM_LOCKED | MCU_OPT_CTRL_RTM_ALLOW, val); + + /* + * If no explicit tsx=3D option is provided, pick a defaul= t. + * + * With RTM_ALWAYS_ABORT, the default ucode behaviour is to + * disable, so match that. This does not override explici= t user + * choices, or implicit choices as a side effect of spec-c= trl=3D0. + */ + if ( opt_tsx =3D=3D -1 ) + opt_tsx =3D 0; + } + } + if ( cpu_has_tsx_force_abort ) { /* @@ -142,6 +205,19 @@ void tsx_init(void) */ if ( cpu_has_tsx_ctrl ) { + /* + * On a TAA-vulnerable part with at least the November 2019 microc= ode, + * or newer part with TAA fixed. + * + * Notes: + * - With the February 2022 microcode, if SGX has caused TSX to be + * locked off, opt_tsx is overridden to 0. TSX_CTRL.RTM_DISABL= E is + * an ignored bit, but we write it such that it matches the + * behaviour enforced by microcode. + * - Otherwise, if SGX isn't enabled and TSX is available to be + * controlled, we have or will set MSR_MCU_OPT_CTRL.RTM_ALLOW to + * let TSX_CTRL.RTM_DISABLE be usable. + */ uint32_t hi, lo; =20 rdmsr(MSR_TSX_CTRL, lo, hi); --=20 2.11.0 From nobody Sun May 19 11:06:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644343826; cv=none; d=zohomail.com; s=zohoarc; b=X7hKVGX+uWyIBSey96euVaPVnosfy1bizxkdXK5Khz8JQBMFAfkL4DXS3RfWFipD23Q8x1rjF6FVkTt0LFK7p4DuWMmlgO3OQirT/irl2BVYyr/aukPUCKORFi1wHnPa0O01RQD7KpbTTJXhRbTPrRhREC7G8jEkR/Sxktx9mSc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644343826; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=6FUV780HnQuyjOeQLMQh1iITIqq7l3boWm96toCy7to=; b=n7Z0gz6jUbvtbkqsQQetNSZJquNmNnAi680st2oJh6VjC126iwmdsk6TbzfP7jf95nt8TEseUy16631MV7WnnRt2WXk8BbHz+/GeYGeO1q9a6s0rA2YpnOXSdVR6E1cPwCGGBy0J1BsngobgbCB2UoZofjqVqlSdPAUzgVcaDzA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1644343826876657.5608827171262; Tue, 8 Feb 2022 10:10:26 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.268588.462491 (Exim 4.92) (envelope-from ) id 1nHUwJ-00054U-EH; Tue, 08 Feb 2022 18:10:07 +0000 Received: by outflank-mailman (output) from mailman id 268588.462491; Tue, 08 Feb 2022 18:10:07 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwJ-00052h-1z; Tue, 08 Feb 2022 18:10:07 +0000 Received: by outflank-mailman (input) for mailman id 268588; Tue, 08 Feb 2022 18:10:05 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwG-0004K6-S5 for xen-devel@lists.xenproject.org; Tue, 08 Feb 2022 18:10:04 +0000 Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com [216.71.155.144]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 5517281e-890a-11ec-8f75-fffcc8bd4f1a; Tue, 08 Feb 2022 19:10:03 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 5517281e-890a-11ec-8f75-fffcc8bd4f1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644343802; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=r07JJ+ieARO/h3VHmKJxMVxJpW20MqnhjuvAZQdZY/U=; b=B7gEWGsSsNMDvWw8VTKL0bonmAQpLR/Ec0GRTC7AX6775JrcuM7Iyou1 I81yf6HWrZdGN+H3V/ksi6tP9MX44ufCcO/UZRn8IdBqJ8ETUM+3mzvq0 9QiK6TvQAMs9LEPoJD1okAVNLP0S+u0TvupCffPZzRduCLnwblXQy91AP U=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: e98P7T2EfM9xyRizm7aIx+aYydt5/N/+qk/Kcxe45UvTVtMEneIMHkXf94hK82WlTXtqq3DObr jICYC3tZAViHzEjjUCqCJj46VMtoz55SrKGvRfpIggD2WvF5qeukmpx4lSzDvr+ya8P0hCpBAf 87gfsQFvWeM64LboY7rZ4D3wSWcEIDoR2AihW30UGRB9Dvokm0n1vj5a9wvKTk8ExOLX8tRmFt L/++81aHT950omrtEQKUipCmYiZ49nTlrHobD5EEHISObEwlz3i5rHIkwx8rXJSkgVnbkU0gfk E+X1lsz+gpJMRofX+9Z/lblb X-SBRS: 5.1 X-MesageID: 65977667 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:zdfhNKBDFULg6hVW/wvkw5YqxClBgxIJ4kV8jS/XYbTApGlwgjQCn GJJXG3UOqvcZWbwfotxaYi18h8EvpGEmN5jQQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMo/u1Si6FatANl1ElvU2zbue6WL6s1hxZH1c+En970UI7wYbVv6Yz6TSHK1LV0 T/Ni5W31G+Ng1aY5UpNtspvADs21BjDkGtwUm4WPJinj3eH/5UhN7oNJLnZEpfNatI88thW5 Qr05OrREmvxp3/BAz4++1rxWhVirrX6ZWBihpfKMkQLb9crSiEai84G2PQghUh/iAXUsu8o6 eV27bOrTCsSIL+Rx+RFekwNe81+FfUuFL7vJHG+tYqYzlHccmuqyPJrZK00FdRGoKAtWzgIr KFGbmBWBvyAr7veLLaTY+9gnMk8auLsO5sSoCpIxjDFF/c2B5vERs0m4PcGgWZv2Z4QQp4yY eIjchNPRUjiMyFxM08rK6IFseWEimDwJmgwRFW9+vNsvjm7IBZK+KjgNp/Zd8KHQe1Rn12Ev STW8mLhGBYYOdeDjz2f/RqRavTnxH2hHthITfvhq6As0Ab7KnEv5AM+VmvmjMbgq36FA/1EL mAv5Dhz8qhq3Rn+JjXiZCGQrHmBtx8aftNfFewm9Q2AopbpDxal6nssFWAYNoF/3CMibXlzj wLSwYu1bdB6mODNERqgGqGoQSRe0MT/BUsLfmc6QAQM+LEPS6lj30uUHr6P/ENY5+AZ+A0cI RjX9kDSZJ1J1KbnMplXGnid0lqRSmDhFFJd2+kudjvNAvlFTICkfZe0zlPQ8OxNKo2UJnHY4 iRYwpnHtb5fV8jW/MBofAnqNOv4j8tpzRWG2QI/d3Xf32jFF4GfkXB4v2gleRYB3jcscj71e k7D0T69F7cIVEZGmZRfOtrrY+xzlPCIPY28Cpj8M4ofCrAsJVTv1Hw/Oia4gTu3+GByyv5XB HtuWZv1ZZrsIf88l2TeqiZ0+eJD+x3SMkuJHc+ilEn8gePFDJNXIJ9cWGazgikCxPvsiG3oH xx3bpbiJ8x3XLKsby/J35QUKFxWf3E3CYqv855cd/KZIxogE2YkUqeDzbQkco1jvqJUiuaXo S3tBh4GkALy1S/dNAGHSnF/c7ezD5xxmm02YH43NlGy1nl9PYv2tPUDd4E6dKUM/fB4yaImV OEMfsiNW6wdSjnO9zkHQ4P6qYhuKEaiiQ6UZnL3azkjZZ9wAQfO/4a8LAfo8SAPCAuxtNc// OL8hl+KH8JbSl07XsjMaf+pw1eghlQnmbp/DxnSP91eWETw64w2eSb/ueA6fpMXIhLZyzrEi wvPWUUEpfPAqpMe+cXSgfzWtJ+gFuZzExYIH2Tf6rrqZyDW8nD6nN1FWeeMOzvcSHn16OOpY uAMl6PwN/gOnVBrtYtgEuk0kfJitoW3/7IKnB55GHjrbkiwDuIyK3aL6sBDq6lRy+ILogCxQ E+OpoFXNLjh1BkJy7LNyN7Jtti+6Mw= IronPort-HdrOrdr: A9a23:Hqhdeq26/AmlVD1o0YPFTQqjBLYkLtp133Aq2lEZdPRUGvb4qy nOpoVi6faaskdzZJhNo7+90ey7MBfhHP1OkPAs1NWZLWvbUQKTRekIh+aP/9SjIVyYygc079 YHT0EUMr3N5DZB4/oSmDPIduod/A== X-IronPort-AV: E=Sophos;i="5.88,353,1635220800"; d="scan'208";a="65977667" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper Subject: [PATCH 4/6] tests/tsx: Extend test-tsx to check MSR_MCU_OPT_CTRL Date: Tue, 8 Feb 2022 18:09:40 +0000 Message-ID: <20220208180942.14871-5-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220208180942.14871-1-andrew.cooper3@citrix.com> References: <20220208180942.14871-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644343828899100003 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This MSR needs to be identical across the system for TSX to have identical behaviour everywhere. Furthermore, its CPUID bit (SRBDS_CTRL) shouldn't be visible to guests. Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- tools/tests/tsx/test-tsx.c | 9 ++++++++- xen/arch/x86/platform_hypercall.c | 3 +++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/tools/tests/tsx/test-tsx.c b/tools/tests/tsx/test-tsx.c index a3d987b6d2ce..f11e8c54e0de 100644 --- a/tools/tests/tsx/test-tsx.c +++ b/tools/tests/tsx/test-tsx.c @@ -42,6 +42,7 @@ enum { #define ARCH_CAPS_TSX_CTRL (1 << 7) #define MSR_TSX_FORCE_ABORT 0x0000010f #define MSR_TSX_CTRL 0x00000122 +#define MSR_MCU_OPT_CTRL 0x00000123 =20 static unsigned int nr_failures; #define fail(fmt, ...) \ @@ -155,6 +156,10 @@ static void test_tsx_msrs(void) printf("Testing MSR_TSX_CTRL consistency\n"); test_tsx_msr_consistency( MSR_TSX_CTRL, host.msr.arch_caps.tsx_ctrl); + + printf("Testing MSR_MCU_OPT_CTRL consistency\n"); + test_tsx_msr_consistency( + MSR_MCU_OPT_CTRL, host.cpuid.feat.srbds_ctrl); } =20 /* @@ -313,7 +318,8 @@ static void test_guest_policies(const struct xc_cpu_pol= icy *max, =20 if ( ((cm->feat.raw[0].d | cd->feat.raw[0].d) & (bitmaskof(X86_FEATURE_TSX_FORCE_ABORT) | - bitmaskof(X86_FEATURE_RTM_ALWAYS_ABORT))) || + bitmaskof(X86_FEATURE_RTM_ALWAYS_ABORT) | + bitmaskof(X86_FEATURE_SRBDS_CTRL))) || ((mm->arch_caps.raw | md->arch_caps.raw) & ARCH_CAPS_TSX_CTRL) ) fail(" Xen-only TSX controls offered to guest\n"); =20 @@ -388,6 +394,7 @@ static void test_guest(struct xen_domctl_createdomain *= c) if ( guest_policy.cpuid.feat.hle || guest_policy.cpuid.feat.tsx_force_abort || guest_policy.cpuid.feat.rtm_always_abort || + guest_policy.cpuid.feat.srbds_ctrl || guest_policy.msr.arch_caps.tsx_ctrl ) fail(" Unexpected features advertised\n"); =20 diff --git a/xen/arch/x86/platform_hypercall.c b/xen/arch/x86/platform_hype= rcall.c index 284c2dfb9efe..bf4090c94201 100644 --- a/xen/arch/x86/platform_hypercall.c +++ b/xen/arch/x86/platform_hypercall.c @@ -80,6 +80,9 @@ static bool msr_read_allowed(unsigned int msr) =20 case MSR_TSX_CTRL: return cpu_has_tsx_ctrl; + + case MSR_MCU_OPT_CTRL: + return cpu_has_srbds_ctrl; } =20 if ( ppin_msr && msr =3D=3D ppin_msr ) --=20 2.11.0 From nobody Sun May 19 11:06:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644343827; cv=none; d=zohomail.com; s=zohoarc; b=A8kyWzUozvntb8z14Nf04HnFJ5qWuKCqiMzvHxaJDTM+gzkDIqfz4FWLeZnjx/nxuu7K/E9rTWu5jNjtwA3ZDmxkrp9NrQwOgvnMahHbnFFNtbVSyDktHP4vNfwiT8SCjLCUeF5JR4BCxuIgRNCzvxU29hYL+IUXxFjs3JMvO3g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644343827; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=H7xTsq9IhH00VU1jumLcRP+/sFnnGN18HZEV98lRqPU=; b=GKbA4UpJ7pW+HmWWtToYx4WSfENxEGuXMg+KrKunNzm/PZ+cUUtSGGGInV+sx7MI2hjMkiRgepbTSyo09sMlFSUIwhqhq0Kgoih4ffvTfXOtaO7MNqHTY/jtO4INlXAuo7HeK1W6pWwprE1tZm72HUpHYmuKVxcFTtqMmKG2Dl8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1644343827412137.84638494355102; Tue, 8 Feb 2022 10:10:27 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.268586.462469 (Exim 4.92) (envelope-from ) id 1nHUwH-0004Ns-1e; Tue, 08 Feb 2022 18:10:05 +0000 Received: by outflank-mailman (output) from mailman id 268586.462469; Tue, 08 Feb 2022 18:10:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwG-0004MA-M6; Tue, 08 Feb 2022 18:10:04 +0000 Received: by outflank-mailman (input) for mailman id 268586; Tue, 08 Feb 2022 18:10:03 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwF-0003Sy-8I for xen-devel@lists.xenproject.org; Tue, 08 Feb 2022 18:10:03 +0000 Received: from esa3.hc3370-68.iphmx.com (esa3.hc3370-68.iphmx.com [216.71.145.155]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 556eab12-890a-11ec-8eb8-a37418f5ba1a; Tue, 08 Feb 2022 19:10:02 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 556eab12-890a-11ec-8eb8-a37418f5ba1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644343801; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=g1RCjDDHjvfnqi0gWZply1NwpJ3g8mhDOmKHxuxunaU=; b=YNigv7NUKC92uoYDVpCcGO1N/GDVbSL7ZU2mb15D4jy1nYYQWSvDdgVz jHlgYKu8iBFaxM4e7+CdHbugnwk2DhLm7Dl2wyHir7jnsWnnncR4r0/Nb 7/zXhAfxVmDu6KLBu3p/MLUhmDR3CZ29PQS13bVJk9Ww1GVmemPoWduMG o=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: PeEkcvONsdQdzoHVRVqMhiksONHdZ43648AKJhApLzEufq3XLmeSFgUunjiEofJUQmB0THWPZ4 SkxE4MFyMQuxaysvW0dyOnrgPVkWWpOhUvSGr9YnfATARq2KWVda1p6IkVrG28grF0o7G37wNk +FRNFdmOnxW3Ndz1c3gVfPCPSiyw089wtNwG5S8eFBxy9qBTiG1AUzNBlanfLUKO4KtgOCsUsa tUUXKUsiR4BjsbiT0GLpo1i6x9UojawRusiI7CKUoIPWuLzvKmXD00bGMyAzZWFdMrX6VPjj/2 iw5uIJDUw7vHj0JEoVr71T3b X-SBRS: 5.1 X-MesageID: 63762636 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:RJxsDaC9O6K1WRVW/wrkw5YqxClBgxIJ4kV8jS/XYbTApGgigzIHn 2tJUW+Aa/eDYDSgL4pxPIyy8BwO78DczYM3QQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMo/u1Si6FatANl1ElvU2zbue6WL6s1hxZH1c+En970UI7wYbVv6Yz6TSHK1LV0 T/Ni5W31G+Ng1aY5UpNtspvADs21BjDkGtwUm4WPJinj3eH/5UhN7oNJLnZEpfNatI88thW5 Qr05OrREmvxp3/BAz4++1rxWhVirrX6ZWBihpfKMkQLb9crSiEai84G2PQghUh/iDm1hO18w s9xk6ezFyAtDvzFtvUPekwNe81+FfUuFL7vJHG+tYqYzlHccmuqyPJrZK00FdRGoKAtWzgIr KFGbmBWBvyAr7veLLaTY+9gnMk8auLsO5sSoCpIxjDFF/c2B5vERs0m4PcGh2hu3J4VQ54yY eJCcAdeRyj9RSdyAQ83WbUYhru21n7wJmgwRFW9+vNsvjm7IBZK+KjgNp/Zd8KHQe1Rn12Ev STW8mLhGBYYOdeDjz2f/RqRavTnxH2hHthITfvhq6As0Ab7KnEv5AM+VleHusS0gFSCfelcd WsQynsng7kg3Rn+JjXiZCGQrHmBtx8aftNfFewm9Q2AopbpDxal6nssFWAYNoF/3CMibXlzj wLSwYu1bdB6mODNERqgGqGoQSRe0MT/BUsLfmc6QAQM+LEPS6lj30uUHr6P/ENY5+AZ+A0cI RjX9kDSZJ1J1KbnMplXGnid0lqRSmDhFFJd2+kudjvNAvlFTICkfZe0zlPQ8OxNKo2UJnHY4 iRYwpnHtb5fV8jW/MBofAnqNOv4j8tpzRWG2QI/d3Xf32jFF4GfkXB4v2gleRYB3jcscj71e k7D0T69F7cIVEZGmZRfOtrrY+xzlPCIPY28Cpj8M4ofCrAsJVTv1Hw/Oia4gTu3+GByyv5XB HtuWZv1ZZrsIf88l2TeqiZ0+eJD+x3SMkuJHc+ilEn8gePFDJNXIJ9cWGazgikCxPvsiG3oH xx3baNmEj1TD7/zZDf564kWIQxYJHQ3H8mu+cdWavSCMkxtH2R4U63dxrYoeopEmaVJl7iXo iHhCxEAkFev12faLQiqa2x4bO+9V5hIsn9mbzcnOkyl2iZ/bN/3vrsfbZY+YZIu6PdnkaxvV /AAdsjZWqZPRz3L9i4zd574qIA+Jh2niRjXZ3iuYSQlfo4mTAvMo4e2cgzq/SgILyy2qcph/ OHwilKFGcIOHl0wAtzXZfSjy0KKkUIcwO8iDVHVJtRzeVn39NQ4ISLGkfJqcdoHLg/Ox2XG2 l/OUwsYv+TEv6Q87MLN2fKft46sHuZzQhhaEm3c4erkPCXW5DP+k4pJUeLOdjHBTmLkvq6lY LwNnf37NfQGmndMspZ9TOk3nf5vuYO3qu8I1BlgEVXKc0+vW+FpLXSx1MVSsrFAm+1CsgysV 0PTotRXNN1l4i8+/IL98Ob9Utm+6A== IronPort-HdrOrdr: A9a23:B2eSJ6DcKqA/HJvlHemu55DYdb4zR+YMi2TC1yhKJyC9E/bo7v xG88566faZslossTQb6LW90cq7MBXhHPxOkOos1N6ZNWGM0gaVxcNZnO/fKlXbakrDH4VmtJ uIHZIQNDSJNykZsfrH X-IronPort-AV: E=Sophos;i="5.88,353,1635220800"; d="scan'208";a="63762636" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper Subject: [PATCH 5/6] x86/cpuid: Infrastructure for cpuid word 7:2.edx Date: Tue, 8 Feb 2022 18:09:41 +0000 Message-ID: <20220208180942.14871-6-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220208180942.14871-1-andrew.cooper3@citrix.com> References: <20220208180942.14871-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644344731123100001 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" While in principle it would be nice to keep leaf 7 in order, that would involve having an extra 5 words of zeros in a featureset. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- tools/misc/xen-cpuid.c | 5 +++++ xen/arch/x86/cpu/common.c | 4 ++++ xen/include/public/arch-x86/cpufeatureset.h | 2 ++ xen/include/xen/lib/x86/cpuid.h | 13 ++++++++++++- 4 files changed, 23 insertions(+), 1 deletion(-) diff --git a/tools/misc/xen-cpuid.c b/tools/misc/xen-cpuid.c index 3c8f3ed1bad1..40626296984b 100644 --- a/tools/misc/xen-cpuid.c +++ b/tools/misc/xen-cpuid.c @@ -200,6 +200,10 @@ static const char *const str_7b1[32] =3D [ 0] =3D "ppin", }; =20 +static const char *const str_7d2[32] =3D +{ +}; + static const struct { const char *name; const char *abbr; @@ -219,6 +223,7 @@ static const struct { { "0x00000007:1.eax", "7a1", str_7a1 }, { "0x80000021.eax", "e21a", str_e21a }, { "0x00000007:1.ebx", "7b1", str_7b1 }, + { "0x00000007:2.edx", "7d2", str_7d2 }, }; =20 #define COL_ALIGN "18" diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c index d4f5028fa2ec..c4f07f2d1da4 100644 --- a/xen/arch/x86/cpu/common.c +++ b/xen/arch/x86/cpu/common.c @@ -447,6 +447,10 @@ static void generic_identify(struct cpuinfo_x86 *c) &c->x86_capability[FEATURESET_7a1], &c->x86_capability[FEATURESET_7b1], &tmp, &tmp); + if (max_subleaf >=3D 2) + cpuid_count(7, 2, + &tmp, &tmp, &tmp, + &c->x86_capability[FEATURESET_7d2]); } =20 if (c->cpuid_level >=3D 0xd) diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/publ= ic/arch-x86/cpufeatureset.h index 957df23b65f2..81b0f5e0aad3 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -302,6 +302,8 @@ XEN_CPUFEATURE(NSCB, 11*32+ 6) /*A Null = Selector Clears Base (and /* Intel-defined CPU features, CPUID level 0x00000007:1.ebx, word 12 */ XEN_CPUFEATURE(INTEL_PPIN, 12*32+ 0) /* Protected Processor Inve= ntory Number */ =20 +/* Intel-defined CPU features, CPUID level 0x00000007:2.edx, word 13 */ + #endif /* XEN_CPUFEATURE */ =20 /* Clean up from a default include. Close the enum (for C). */ diff --git a/xen/include/xen/lib/x86/cpuid.h b/xen/include/xen/lib/x86/cpui= d.h index e87036b30380..50be07c0eba0 100644 --- a/xen/include/xen/lib/x86/cpuid.h +++ b/xen/include/xen/lib/x86/cpuid.h @@ -17,6 +17,7 @@ #define FEATURESET_7a1 10 /* 0x00000007:1.eax */ #define FEATURESET_e21a 11 /* 0x80000021.eax */ #define FEATURESET_7b1 12 /* 0x00000007:1.ebx */ +#define FEATURESET_7d2 13 /* 0x80000007:2.edx */ =20 struct cpuid_leaf { @@ -82,7 +83,7 @@ const char *x86_cpuid_vendor_to_str(unsigned int vendor); =20 #define CPUID_GUEST_NR_BASIC (0xdu + 1) #define CPUID_GUEST_NR_CACHE (5u + 1) -#define CPUID_GUEST_NR_FEAT (1u + 1) +#define CPUID_GUEST_NR_FEAT (2u + 1) #define CPUID_GUEST_NR_TOPO (1u + 1) #define CPUID_GUEST_NR_XSTATE (62u + 1) #define CPUID_GUEST_NR_EXTD_INTEL (0x8u + 1) @@ -193,6 +194,14 @@ struct cpuid_policy uint32_t _7b1; struct { DECL_BITFIELD(7b1); }; }; + uint32_t /* c */:32, /* d */:32; + + /* Subleaf 2. */ + uint32_t /* a */:32, /* b */:32, /* c */:32; + union { + uint32_t _7d2; + struct { DECL_BITFIELD(7d2); }; + }; }; } feat; =20 @@ -333,6 +342,7 @@ static inline void cpuid_policy_to_featureset( fs[FEATURESET_7a1] =3D p->feat._7a1; fs[FEATURESET_e21a] =3D p->extd.e21a; fs[FEATURESET_7b1] =3D p->feat._7b1; + fs[FEATURESET_7d2] =3D p->feat._7d2; } =20 /* Fill in a CPUID policy from a featureset bitmap. */ @@ -352,6 +362,7 @@ static inline void cpuid_featureset_to_policy( p->feat._7a1 =3D fs[FEATURESET_7a1]; p->extd.e21a =3D fs[FEATURESET_e21a]; p->feat._7b1 =3D fs[FEATURESET_7b1]; + p->feat._7d2 =3D fs[FEATURESET_7d2]; } =20 static inline uint64_t cpuid_policy_xcr0_max(const struct cpuid_policy *p) --=20 2.11.0 From nobody Sun May 19 11:06:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1644343826; cv=none; d=zohomail.com; s=zohoarc; b=SMM0DCrotx5IdENgJMwNvLME2K2uPWPzW4wJfvdVW9GWbkYKGznshm4k8CZ4zgtRJ0SZP/MCU3M6I1z6QG2VyBw6EdLkvirouRxfvUxn6l3cja9rn1kmvNCDXhDjAslob6op7ZQyw4wxgvrMwm9M0f8clGMiid0Rb+jAdfco2L0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1644343826; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=p2tnhBYY+p7l52Bi6qmmwaO9e3CDqGqkHYreu74H42c=; b=SlLtAenc6mlOJgC52uaf7q7wiFTs6WB08gChuFL2gEKI4i2lh2b1VJmoi3MpCLQOtjxqjdtf0bF1GntbgctwQfZZjyJWMgEuqQIJopjlV+RhQpzSxfXs3MXhcgi4CJyUDrSgwq0RiuPZF9iHO6qQYfkuKSiGEOFZO9KNWODXy80= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1644343826877283.9926476222786; Tue, 8 Feb 2022 10:10:26 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.268587.462483 (Exim 4.92) (envelope-from ) id 1nHUwI-0004xB-OJ; Tue, 08 Feb 2022 18:10:06 +0000 Received: by outflank-mailman (output) from mailman id 268587.462483; Tue, 08 Feb 2022 18:10:06 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwI-0004vQ-IE; Tue, 08 Feb 2022 18:10:06 +0000 Received: by outflank-mailman (input) for mailman id 268587; Tue, 08 Feb 2022 18:10:04 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nHUwG-0003Sy-94 for xen-devel@lists.xenproject.org; Tue, 08 Feb 2022 18:10:04 +0000 Received: from esa5.hc3370-68.iphmx.com (esa5.hc3370-68.iphmx.com [216.71.155.168]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 5558c99a-890a-11ec-8eb8-a37418f5ba1a; Tue, 08 Feb 2022 19:10:03 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 5558c99a-890a-11ec-8eb8-a37418f5ba1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1644343802; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=2Tu+0ZH5IK1WnPkeaZM/73l9bKZI3OnKw4WhQyYT/iw=; b=edVmEVSq38VzxZihXdBhC4u4BW2aNtdmsnfMMxLxnP0vrfzREo2EX/Qe o1Kd3I49lyQ1+pfRb+DtBDOjXWZYI5/f3xLn3xtJsRxI6ljeGzzx3oOWr KM0zfwm9lBdiDbLlQQ4qnVW9/JJ6KnFRtD6bTYbq2NvYo6qX14mt//u6R 4=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: f2B6KjaCFSB7Z04T9jYgUSa845KXeJRfQlW5XJ+OGlfBSnpBcniU+oSFTQt4RAL7WomC+ZvBOG bzFZARTO8hGTAf7+9CqtungXvLkbObngdLDWBOiH0RwdEb+WONWKo3R4nsfOuC/GYElp0aqSD5 pjigXSnHAOxq46GhCRNHw1JOEVOidoAcKyoZeItmxEce/bCrbxPBZmxDlHysVm3eo8JrPC4/tm MS3LtNNNEI6B0uMDwn1R3izm6KH3Gy+1frFe56hFCxY3KC2QQRP02XDDbf6LTd9OvybCIUjucK PWh3C3jBVeKC00f8CsbXDPCx X-SBRS: 5.1 X-MesageID: 63217625 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:2t5viKw+GI5e9/tR3Lx6t+cUwSrEfRIJ4+MujC+fZmUNrF6WrkUOz DZKUG+CM/6LNjT2c41/b47loB8H75fTn4RgGgVkpCAxQypGp/SeCIXCJC8cHc8zwu4v7q5Dx 59DAjUVBJlsFhcwnvopW1TYhSEUOZugH9IQM8aZfHAhLeNYYH1500g7wbZp2tQAbeWRWGthh /uj+6UzB3f9s9JEGjp8B3Wr8U4HUFza4Vv0j3RmDRx5lAa2e0o9VfrzEZqZPXrgKrS4K8bhL wr1IBNVyUuCl/slIovNfr8W6STmSJaKVeSFoiI+t6RPHnGuD8H9u0o2HKN0VKtZt9mGt9826 NQW6K2tcgd3P6+WpfgxWiRITT4raMWq+JefSZS+mcmazkmAeHrw2fR+SkoxOOX0+M4uXzsIr 6ZBbmlQMFbT3Ipaw5riIgVoru0lINPmI8U0vXZ4wCuCJf0nXYrCU+PB4towMDIY2JsURKmAP ZdxhTxHbk6QbUFUPG4uA7EOwvyTjWGnTX5zkQfAzUYwyzeKl1EguFT3C/LFd9rPSchLk0Kwo mPd43+/EhwcLMaYyzeO7jSrnOCnoM/gcNtMTvvirKcs2QDNgDxIYPELabelifb+qk/lBuNCE ExK+yh0kLQe/XG7EMaoCnVUv0W4lhIbXtNRFcgz5weM1rfY7m6lO4QUctJSQId47ZFrHFTGw nfMxoq0XmI37NV5XFrAru/8kN+kBcQCwYbujwcgRBBN3dTsqZpbYvnnHoc6S/7dYjEY9FjNL 9G2QMoW2u97YS0jjfzTEbX7b9WE/Mmhc+LNzl+LNl9JFysgDGJfW6Sm6ELA8dFLJ5uDQ1+Ks RAswpbCsLlfVMjTxXbUG43h+Y1FAN7fYVXhbaNHRcF9p1xBBVb/FWyv3N2ODBgwaZtVEdMYS ETSpRlQ9Pdu0IiCNsdKj3aKI51yl8DITI29PtiNN4YmSsUhJWevoXA1DWbNjj+FuBZ3y8kXZ 8zEGftA+F5HUMyLOhLtHLxDuVLqrwhjrV7uqWfTlUz4iOHDPy7MEt/o8jKmN4gE0U9Nmy2Nm /43CidA40k3vDTWbnaF/IgNA0oNKHRnV5n6p9YOLryIIxZ8GXFnAPjUmOtzd4tglqVTt+HJ4 nDiBRMIlAuh3SXKeVeQd3RuSLLzRpIj/3g1CjMhYASz0H85bIfxsKpGL8krfaMq/fBIxOJvS 6VXYN2JB/lCE2yV+zkUYZTngpZlcRCn2VCHMya/OWBtdJ98XQ3ZvNTje1K3piUJCyO2s+o4o qGhiVyHEcZSGVw6AZ+POvy1zl63sXwMo85IXhPFcotJZUHh0Il2MCit3PU5FN4BdEfYzTyA2 gfIXRpB/bvRo5U4+cXijLyfq9v7CPN3G0dXEjWJ7buyMiWGrGOvzZUZDbSNdDHZEmj15L+jd aNeyPSlaK8Lm1NDsoxdFbd3zP1hu4uz9uEClgk0Tm/Wa1mLC697JijU1MZCgaRB27tFtFbkQ UmI4NRbZe2ENc6N/IT9/+b5gjBvDc0ppwQ= IronPort-HdrOrdr: A9a23:rtFV0KHYTyU1by84pLqE7MeALOsnbusQ8zAXP0AYc31om62j5r iTdZsgpHzJYVoqN03I3OrwXJVoIkmsjKKdg7NhX4tKNTOO0ADDQe1fBMnZslrd8kXFh4hgPM xbE5SWZuefMbEDt7ee3DWF X-IronPort-AV: E=Sophos;i="5.88,353,1635220800"; d="scan'208";a="63217625" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper Subject: [PATCH 6/6] x86/spec-ctrl: Support Intel PSFD for guests Date: Tue, 8 Feb 2022 18:09:42 +0000 Message-ID: <20220208180942.14871-7-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220208180942.14871-1-andrew.cooper3@citrix.com> References: <20220208180942.14871-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1644343828973100006 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The Feb 2022 microcode from Intel retrofits AMD's MSR_SPEC_CTRL.PSFD interf= ace to Sunny Cove (IceLake) and later cores. Update the MSR_SPEC_CTRL emulation, and expose it to guests. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- tools/libs/light/libxl_cpuid.c | 2 ++ tools/misc/xen-cpuid.c | 1 + xen/arch/x86/msr.c | 2 +- xen/arch/x86/spec_ctrl.c | 7 +++++-- xen/include/public/arch-x86/cpufeatureset.h | 1 + xen/tools/gen-cpuid.py | 2 +- 6 files changed, 11 insertions(+), 4 deletions(-) diff --git a/tools/libs/light/libxl_cpuid.c b/tools/libs/light/libxl_cpuid.c index e1acf6648db4..d462f9e421ed 100644 --- a/tools/libs/light/libxl_cpuid.c +++ b/tools/libs/light/libxl_cpuid.c @@ -234,6 +234,8 @@ int libxl_cpuid_parse_config(libxl_cpuid_policy_list *c= puid, const char* str) {"fsrs", 0x00000007, 1, CPUID_REG_EAX, 11, 1}, {"fsrcs", 0x00000007, 1, CPUID_REG_EAX, 12, 1}, =20 + {"intel-psfd", 0x00000007, 2, CPUID_REG_EDX, 0, 1}, + {"lahfsahf", 0x80000001, NA, CPUID_REG_ECX, 0, 1}, {"cmplegacy", 0x80000001, NA, CPUID_REG_ECX, 1, 1}, {"svm", 0x80000001, NA, CPUID_REG_ECX, 2, 1}, diff --git a/tools/misc/xen-cpuid.c b/tools/misc/xen-cpuid.c index 40626296984b..0b1b3333fe71 100644 --- a/tools/misc/xen-cpuid.c +++ b/tools/misc/xen-cpuid.c @@ -202,6 +202,7 @@ static const char *const str_7b1[32] =3D =20 static const char *const str_7d2[32] =3D { + [ 0] =3D "intel-psfd", }; =20 static const struct { diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index 4ac5b5a048eb..01a15857b740 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -443,7 +443,7 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t = *val) uint64_t msr_spec_ctrl_valid_bits(const struct cpuid_policy *cp) { bool ssbd =3D cp->feat.ssbd || cp->extd.amd_ssbd; - bool psfd =3D cp->extd.psfd; + bool psfd =3D cp->feat.intel_psfd || cp->extd.psfd; =20 /* * Note: SPEC_CTRL_STIBP is specified as safe to use (i.e. ignored) diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index 2b93468d396e..cbeeb199037e 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -307,11 +307,13 @@ custom_param("pv-l1tf", parse_pv_l1tf); =20 static void __init print_details(enum ind_thunk thunk, uint64_t caps) { - unsigned int _7d0 =3D 0, e8b =3D 0, tmp; + unsigned int _7d0 =3D 0, _7d2 =3D 0, e8b =3D 0, max =3D 0, tmp; =20 /* Collect diagnostics about available mitigations. */ if ( boot_cpu_data.cpuid_level >=3D 7 ) - cpuid_count(7, 0, &tmp, &tmp, &tmp, &_7d0); + cpuid_count(7, 0, &max, &tmp, &tmp, &_7d0); + if ( max >=3D 2 ) + cpuid_count(7, 2, &tmp, &tmp, &tmp, &_7d2); if ( boot_cpu_data.extended_cpuid_level >=3D 0x80000008 ) cpuid(0x80000008, &tmp, &e8b, &tmp, &tmp); =20 @@ -345,6 +347,7 @@ static void __init print_details(enum ind_thunk thunk, = uint64_t caps) (_7d0 & cpufeat_mask(X86_FEATURE_STIBP)) ? " STIBP" = : "", (e8b & cpufeat_mask(X86_FEATURE_AMD_SSBD)) || (_7d0 & cpufeat_mask(X86_FEATURE_SSBD)) ? " SSBD" = : "", + (_7d2 & cpufeat_mask(X86_FEATURE_INTEL_PSFD)) || (e8b & cpufeat_mask(X86_FEATURE_PSFD)) ? " PSFD" = : "", (_7d0 & cpufeat_mask(X86_FEATURE_L1D_FLUSH)) ? " L1D_FLUSH= " : "", (_7d0 & cpufeat_mask(X86_FEATURE_MD_CLEAR)) ? " MD_CLEAR"= : "", diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/publ= ic/arch-x86/cpufeatureset.h index 81b0f5e0aad3..9cee4b439e9f 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -303,6 +303,7 @@ XEN_CPUFEATURE(NSCB, 11*32+ 6) /*A Null = Selector Clears Base (and XEN_CPUFEATURE(INTEL_PPIN, 12*32+ 0) /* Protected Processor Inve= ntory Number */ =20 /* Intel-defined CPU features, CPUID level 0x00000007:2.edx, word 13 */ +XEN_CPUFEATURE(INTEL_PSFD, 13*32+ 0) /*A MSR_SPEC_CTRL.PSFD */ =20 #endif /* XEN_CPUFEATURE */ =20 diff --git a/xen/tools/gen-cpuid.py b/xen/tools/gen-cpuid.py index 39c8b0c77465..e0e3f2f46386 100755 --- a/xen/tools/gen-cpuid.py +++ b/xen/tools/gen-cpuid.py @@ -287,7 +287,7 @@ def crunch_numbers(state): # IBRSB/IBRS, and we pass this MSR directly to guests. Treating t= hem # as dependent features simplifies Xen's logic, and prevents the g= uest # from seeing implausible configurations. - IBRSB: [STIBP, SSBD], + IBRSB: [STIBP, SSBD, INTEL_PSFD], IBRS: [AMD_STIBP, AMD_SSBD, PSFD, IBRS_ALWAYS, IBRS_FAST, IBRS_SAME_MODE], AMD_STIBP: [STIBP_ALWAYS], --=20 2.11.0